]> git.donarmstrong.com Git - dsa-puppet.git/blob - modules/munin/manifests/init.pp
projects / dsa-puppet.git / blob
? search:


8258f9b13248eab8ee0c2ae91971f0ffa141f42b
[dsa-puppet.git] / modules / munin / manifests / init.pp
1 class munin {
2
3         package { 'munin-node':
4                 ensure => installed
5         }
6
7         service { 'munin-node':
8                 ensure  => running,
9                 require => Package['munin-node'],
10         }
11
12         $owner = $::lsbdistcodename ? {
13                 squeeze => munin,
14                 wheezy  => root,
15                 undef => munin,
16         }
17
18         $gid = $::lsbdistcodename ? {
19                 squeeze => adm,
20                 wheezy  => 'www-data',
21                 undef => adm,
22         }
23
24         file { '/var/log/munin':
25                 ensure => directory,
26                 owner  => $owner,
27                 group  => $gid,
28                 mode   => '0755',
29         }
30
31         file { '/etc/munin/munin-node.conf':
32                 content => template('munin/munin-node.conf.erb'),
33                 require => Package['munin-node'],
34                 notify  => Service['munin-node'],
35         }
36
37         file { '/etc/munin/plugin-conf.d/munin-node':
38                 content => template('munin/munin-node.plugin.conf.erb'),
39                 require => Package['munin-node'],
40                 notify  => Service['munin-node'],
41         }
42
43         file { [ '/etc/munin/plugins/df', '/etc/munin/plugins/df_abs', '/etc/munin/plugins/df_inode' ]:
44                 source => 'puppet:///modules/munin/df-wrap',
45                 mode    => '0555',
46                 require => Package['munin-node'],
47                 notify  => Service['munin-node'],
48         }
49
50         @ferm::rule { 'dsa-munin-v4':
51                 description     => 'Allow munin from munin master',
52                 rule            => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V4 $HOST_NAGIOS_V4) ACCEPT; }',
53                 notarule        => true,
54         }
55
56         @ferm::rule { 'dsa-munin-v6':
57                 description     => 'Allow munin from munin master',
58                 domain          => 'ip6',
59                 rule            => 'proto tcp mod state state (NEW) dport (munin) @subchain \'munin\' { saddr ($HOST_MUNIN_V6 $HOST_NAGIOS_V6) ACCEPT; }',
60                 notarule        => true,
61         }
62
63         @@munin::master-per-node {
64                 $::fqdn:
65                         ipaddress => $::ipaddress,
66                         munin_async => $::munin_async,
67                         ;
68         }
69
70         if $munin_async and $munin_async == 'true' {
71                 file { '/etc/ssh/userkeys/munin-async':
72                         source => 'puppet:///modules/munin/munin-async-authkeys',
73                 }
74         } else {
75                 file { '/etc/ssh/userkeys/munin-async':
76                         ensure => 'absent',
77                 }
78         }
79 }
Unnamed repository; edit this file 'description' to name the repository.